2.4.4: Secure Shell Public Key Settings Not Generating Key
-
I started anew with pfSense (updated from 2.4.3 to 2.4.4 in my old setup and then reset to Factory Defaults). With my initial setup a couple of years ago (and this will be approximate since the interface has changed during that time), when I changed the Secure Shell settings at:
System > Advanced > Admin Access
by turning on the Enable Secure Shell setting and then choosing one of the three SSHd Key Only
options:- Password or Public Key
- Public Key Only
- Require Both Password and Public Key
pfSense popped up a message that it was generating a key (EDIT: No, I manually generated this key in PuttyGen and pasted it in > "
...and, I believe, put that key in System > User Manager"). With 2.4.4, I got no such messageand no public key. Is this expected behavior now?Also, and this might be related, as I switched between those SSHd Key options, I got the following notifications:
Notices Filter Reload There were error(s) loading the rules: /tmp/rules.debug:106: unknown port b - The line in question reads [106]: block in log quick proto tcp from <sshguard> to (self) port b tracker 1000000301 label "sshguard" @ 2018-11-30 13:47:29 There were error(s) loading the rules: /tmp/rules.debug:106: unknown port e - The line in question reads [106]: block in log quick proto tcp from <sshguard> to (self) port e tracker 1000000301 label "sshguard" @ 2018-11-30 13:48:33I'm not sure, but is that related to:
https://redmine.pfsense.org/issues/8974
-
That issue is fixed by the commits listed on the redmine issue you linked.
Remember: Upvote with the ๐ button for any user/post you find to be helpful, informative, or deserving of recognition!
Need help fast? Netgate Global Support!
Do not Chat/PM for help!
-
And BTW this is also fixed in 2.4.4-p1 which is out now. You will most likely need to edit/save the settings on System > Advanced one more time after setting them back the way you want.
Remember: Upvote with the ๐ button for any user/post you find to be helpful, informative, or deserving of recognition!
Need help fast? Netgate Global Support!
Do not Chat/PM for help!
-
@jimp said in 2.4.4: Secure Shell Public Key Settings Not Generating Key:
That issue is fixed by the commits listed on the redmine issue you linked.
Thanks. Are there repercussions to this in pfSense? For instance, yesterday, I couldn't get my Firewall log to stop logging all default deny blocks (unchecking the box in settings didn't seem to work). I finally rebooted the firewall and now nothing seems to be logged in the Firewall area. I even turned on the option to log all default pass rules (all the log options are on). I've also rebooted. Nothing has shown up in that log in about 12 hours (as opposed to the thousands I was seeing before).
-
@jimp said in 2.4.4: Secure Shell Public Key Settings Not Generating Key:
And BTW this is also fixed in 2.4.4-p1 which is out now. You will most likely need to edit/save the settings on System > Advanced one more time after setting them back the way you want.
Thanks. I'll update to that as soon as I can. Congratulations on the new release.
-
I'm pretty sure this is fixed with 2.4.4_1. The error messages have gone away and when I reset the options the system paused for quite some time. I'm assuming it was generating the keys. I didn't get any message about key generation, though.
